W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2015

Re: Invalid HTTP2 preface handling?

From: Greg Wilkins <gregw@intalio.com>
Date: Thu, 12 Feb 2015 11:03:53 +1100
Message-ID: <CAH_y2NEfaO0jBEOi1CYr=uv4bY+-05AvqMeb_MqvZ14pr=15cA@mail.gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
On 11 February 2015 at 17:08, Willy Tarreau <w@1wt.eu> wrote:

> Hi Greg,
>
> On Wed, Feb 11, 2015 at 03:15:38PM +1100, Greg Wilkins wrote:
> > Anyway, I've got my answer.  There is no specific threat, just a
> preference
> > to not allow such a simple upgrade/downgrade for the sake of prudence.
>   I
> > can accept that and while I'm still considering supporting a preface
> based
> > version switch, it will be a use-at-own-risk private feature.
>
> In fact, we all want to be strict on this in order to ensure that no lazy
> implementer would notice it works well without the preface and decides not
> to emit it. That's where the trouble could start.
>


Willy,

definitely not proposing to allow HTTP2 without the prefix.   I'm saying
that if you want HTTP2, then you must follow the standard exactly -
including the preface.

However, if a HTTP/21 client does connect to a HTTP/2 server, the server
will be able to detect this by the lack of preface.  Standard calls for
that to be a connection failure and I agree that is the prudent action for
the specification to require.     However, I have a use case for which I am
considering a non standard extension that would allow the HTTP/1 connection
to proceed (on the shaky ground as PHK says) and I just wanted to know if
there was a specific threat that would expose, or just a general
would-be-better-if-we-didn't-risk-it type of thing.

cheers



-- 
Greg Wilkins <gregw@intalio.com>  @  Webtide - *an Intalio subsidiary*
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.
Received on Thursday, 12 February 2015 00:04:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:43 UTC